2度のインシデントが示す安全なシステムへの理解不足勤勉な国民性を持ち、システムの運用を行わせれば確実に仕事をこなすことで世界的にも知られている日本において、Mt. Gox事件に続く、2回目の取引所における大きなインシデントが発生した。筆者は、以前より、日経IT Proの連載「ブロックチェーンは本当に世界を変えるのか」(大幅加筆をして書籍『ブロックチェーン技術の未解決問題』として出版)において、ブロックチェーンを用いたシステムにおけるセキュリティ確保の難しさを解説し、スタンフォード大学で行われたブロックチェーンのセキュリティに関するトップの会議であるBlockchain Protocol Analysis and Security Engineering 2017 (BPASE 2017)、IEEE Security & Pricvacy on the Blockhcain(IEEE S&B
タグ
- すべて
- athena (1)
- mail (1)
- review (1)
- spa (1)
- 3d (2)
- AAA (1)
- AIR (1)
- Atlas (1)
- Azure (1)
- Bigtable (2)
- CDN (2)
- ChatGPT (3)
- DL (1)
- DX (1)
- ES6 (2)
- Embulk (5)
- Fastly (1)
- GROWS (1)
- GitHub Actions (3)
- GraphViz (1)
- Kubernetes (8)
- ML (1)
- Makefile (1)
- OpenID (1)
- PICT (1)
- Phoenix (1)
- QR (4)
- REPL (4)
- SI (26)
- SQL (6)
- VPN (1)
- Vault (4)
- WebAuthn (10)
- WebTransport (1)
- abnf (1)
- accessibility (2)
- accounting (2)
- acm (1)
- acme (3)
- activerecord (22)
- activesupport (2)
- actor model (1)
- adobe reader (1)
- agile (11)
- ajax (3)
- akamai (1)
- algorithm (15)
- alpine (3)
- alpn (1)
- amazon (13)
- amazon ec2 (3)
- amazone (1)
- amp (1)
- android (10)
- animation (1)
- ansible (15)
- antlr (1)
- aop (2)
- apache (18)
- api (12)
- api-gateway (1)
- apigateway (1)
- appengine (21)
- appium (1)
- appmesh (3)
- appserver (2)
- appveyor (1)
- architecture (11)
- archtecture (1)
- arm (1)
- atom (2)
- aurora (15)
- auth (2)
- authn (17)
- authorization (2)
- authz (6)
- automation (1)
- awk (2)
- aws (233)
- awscli (1)
- babysrecipe (3)
- backbone.js (2)
- bank (1)
- bar (1)
- base64 (1)
- bash (3)
- batch (2)
- beanstalk (6)
- benchmark (10)
- berkeleydb (1)
- bigquery (2)
- blockchain (3)
- blog (3)
- book (5)
- brainwars (1)
- brew (2)
- bts (1)
- buf (1)
- buildr (1)
- bumblebee (1)
- business (17)
- c++ (1)
- ca (2)
- cacti (1)
- cafe (2)
- capistrano2 (3)
- career (3)
- cassandra (5)
- cbor (1)
- cedec2015 (3)
- certbot (1)
- chaos engineering (1)
- chef (6)
- chrome (22)
- chrome-devtool (1)
- ci (4)
- cifs (1)
- cipher (2)
- circleci (8)
- clang-format (1)
- clean architecture (4)
- clientcert (1)
- closurelibrary (1)
- cloud (27)
- cloudevents (1)
- cloudflare (12)
- cloudfront (2)
- cloudsearch (2)
- cncf (1)
- coding rule (2)
- coffeescript (3)
- cognito (4)
- confluence (2)
- consul (13)
- container (2)
- copyright (1)
- corp it (2)
- cors (2)
- covid-19 (3)
- cqrs (1)
- crossdomain (3)
- crypto (2)
- cs (1)
- css (12)
- css3 (10)
- csv (1)
- culture (1)
- curl (1)
- cyberagent (2)
- cygwin (3)
- data engineering (2)
- data management (1)
- database (40)
- datadog (4)
- db (3)
- dbcp (1)
- dbunit (1)
- ddd (6)
- ddos (1)
- deb (1)
- deep learning (2)
- deeplink (2)
- deno (2)
- deno wasm (1)
- design (20)
- design pattern (5)
- dev (1)
- devbox (1)
- development (177)
- devops (1)
- diff (1)
- digdag (14)
- director (1)
- disk (1)
- distributed (4)
- distributed lock (1)
- distroless (2)
- dkim (1)
- dmarc (1)
- dns (11)
- doc (1)
- docker (90)
- documentation (2)
- dojo (1)
- dolt (1)
- domain (2)
- drbd (1)
- drm (1)
- dsl (1)
- eKYC (1)
- earthly (1)
- ebpf (2)
- ebs (1)
- eclipse (15)
- eclipse-plugin (10)
- ecs (4)
- ecspresso (2)
- editor (6)
- eks (2)
- elasticache (1)
- elasticbeanstalk (2)
- elasticsearch (16)
- electron (1)
- elixir (5)
- email (3)
- embedded (1)
- emscripten (1)
- encoding (1)
- engineer (7)
- engineering (1)
- english (3)
- envoy (5)
- epel (1)
- equipment (1)
- erlang (5)
- errors (1)
- etcd (1)
- eventsourcing (2)
- evernote (2)
- extension (2)
- fabric (5)
- facebook (4)
- failure injection (1)
- fargate (2)
- ffmpeg (1)
- fido2 (11)
- figma (1)
- file system (3)
- finagle (2)
- finch (1)
- fintech (1)
- fio (1)
- firebase (2)
- firecracker (1)
- flash (1)
- flatbuffers (1)
- fluentd (21)
- fluentdbit (1)
- flutter (1)
- flux (3)
- flyway (1)
- font (1)
- food (5)
- force.com (1)
- fpm (1)
- framework (5)
- freee (11)
- fresh (1)
- frontend (33)
- g-wan (1)
- game (4)
- gamedesign (14)
- gce (2)
- gcp (41)
- gcs (1)
- gem (1)
- geo (2)
- geoip (3)
- gif (1)
- git (61)
- github (24)
- glassfish (2)
- gmail (2)
- go (1)
- goemon (1)
- golang (344)
- google (13)
- google analytics (1)
- google apps (1)
- google+ (5)
- graceful (1)
- gradle (2)
- graphdatabase (2)
- graphql (8)
- grpc (45)
- grpc-gateway (2)
- hadoop (16)
- hatena (2)
- hbase (3)
- health tech (7)
- heroku (6)
- homebrew (8)
- hr (2)
- html (10)
- html5 (31)
- http (40)
- http2 (19)
- http3 (3)
- hubot (12)
- hudson (5)
- iOS (20)
- ide (4)
- identity (4)
- ie (2)
- image (9)
- imagemagick (5)
- infra (9)
- infrastructure (7)
- intellij (9)
- interview (3)
- intr (11)
- io.js (3)
- iphone (4)
- istio (2)
- java (269)
- javascript (170)
- jax-rs (7)
- jenkins (19)
- jmx (3)
- jolokia (2)
- jq (4)
- jquery (8)
- json (7)
- junit (3)
- jwt (7)
- k8s (7)
- key-value (3)
- keycloak (3)
- kibana (4)
- kms (2)
- kotlin (1)
- kubernates (3)
- kvs (4)
- lambda (4)
- lets encrypt (12)
- librahack (4)
- license (2)
- life (12)
- linux (296)
- load test (2)
- log (3)
- lua (2)
- lucene (3)
- mac (88)
- machinelerning (3)
- make (6)
- management (24)
- mapreduce (6)
- marketing (2)
- maven (10)
- medical (2)
- medley (37)
- memcached (9)
- messagepack (7)
- microservices (20)
- mobile (10)
- mongodb (49)
- mongoid (3)
- monitoring (30)
- mqtt (20)
- munin (7)
- mysql (125)
- nat traversal (2)
- network (19)
- next.js (4)
- nginx (23)
- node (2)
- node.js (105)
- nomad (2)
- normalization (6)
- nosql (3)
- nozbe (2)
- oauth (22)
- ocr (3)
- oidc (17)
- opa (2)
- openapi (2)
- openssl (3)
- operation (10)
- oss (2)
- osx (3)
- passkey (7)
- performance (20)
- pharmacy (2)
- php (11)
- pigg (2)
- pjax (2)
- pki (8)
- planning (3)
- plantuml (3)
- play (4)
- postgresql (9)
- programing (13)
- programming (107)
- project management (3)
- protobuf (15)
- protocol (28)
- pwa (5)
- python (22)
- qrcode (3)
- rails (86)
- ranking (3)
- react (6)
- react.js (10)
- realtime (4)
- recipe (182)
- recruiting (6)
- redash (3)
- redis (40)
- refactoring (4)
- reference (2)
- regexp (11)
- repo (2)
- rest (7)
- riak (3)
- rspec (13)
- ruby (159)
- rust (7)
- salesforce (57)
- scala (2)
- scm (2)
- security (182)
- selenium (17)
- sensu (3)
- seo (9)
- serf (12)
- serverless (3)
- serverspec (4)
- servicemesh (6)
- shell (19)
- shibuya (4)
- skill map (2)
- skype (2)
- slack (13)
- slo (2)
- smb (4)
- smtp (4)
- snmp (2)
- sns (2)
- socket.io (2)
- spdy (2)
- spring (13)
- spring boot (7)
- ssh (6)
- ssl (10)
- st (2)
- storage (3)
- streaming (3)
- study (2)
- subversion (4)
- supervisord (2)
- swift (3)
- symfony (7)
- tcp (2)
- teraterm (3)
- terminal (6)
- terraform (17)
- test (22)
- testing (6)
- tls (27)
- tmux (7)
- tomcat (9)
- tool (55)
- traffic (12)
- trouble (3)
- twitter (3)
- typescript (3)
- ubuntu (5)
- udp (3)
- ui (2)
- uml (4)
- unicode (9)
- unittest (2)
- unity (23)
- vagrant (17)
- vim (57)
- virtualbox (4)
- wallpaper (2)
- wasm (11)
- web (10)
- webcontainer (2)
- webdav (2)
- webotp (2)
- webrtc (9)
- webservice (114)
- websocket (12)
- windows (32)
- work (12)
- xpath (5)
- xtext (2)
- ycsb (3)
- zerossl (2)
- zookeeper (2)
- あとで読む (43)
- これはすごい (2)
- ネタ (17)
- 全文検索 (8)
- 増田文学 (3)
- 文字コード (4)
- 機械学習 (2)
- 考え方 (2)
- golang (344)
- linux (296)
- java (269)
- aws (233)
- recipe (182)
- security (182)
- development (177)
- javascript (170)
- ruby (159)
- mysql (125)
cipherに関するkei2100のブックマーク (2)
-
kei2100 2018/02/06
- blockchain
- security
- cipher
リンク -
本当は怖いAES-GCMの話 - ぼちぼち日記
Disclaimer 本エントリーは、この夏 blackhat usa 2016で行われる予定の講演「NONCE-DISRESPECTING ADVERSARIES: PRACTICAL FORGERY ATTACKS ON GCM IN TLS」 のネタバレを含んでいます。現地で直接聞く方は読まないよう気をつけて下さい。 0. 短いまとめ 今回は短めにと思ったのですが、やっぱりそれなりの分量でした。なので短いまとめを書いておきます。 4千万以上のサイト対してAES-GCM使ったTLS通信の初期ベクトル(IV)データのサーベイが行われ、7万程のサイトでIVの値が再利用される可能性があることがわかりました。IVが再利用された場合、AES-GCMの安全性は致命的な影響を受けます。IVの再利用が判明した幾つか実装から既に脆弱性のアナウンスが出ています。 IVが再利用された場合、現実的にHTTPS
-
1
公式Twitter
- @HatenaBookmark
リリース、障害情報などのサービスのお知らせ
- @hatebu
最新の人気エントリーの配信
処理を実行中です
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
設定を変更しましたx